Monday, March 30, 2015

When you have a cyber attack... who are you going to call?



It is not if. It is when. When you have a cyber attack, do you have a plan? If you're a small business, you probably have not even thought of it. Your network suddenly grinds to a halt (Denial of Service attack). How do you handle that? Who do you call? Is it bad enough that you call the authorities? (Believe me, they do want to know.) Do you have a qualified person on your speed dial that you know can come in to mitigate it? How about a major virus attack? My guess is no, because there are not a lot of qualified individuals in the marketplace.

I have been called in after an attack has happened and someone tried to fix it. Forensically it was much more difficult than if I had been first on site. I am finding more and more these days that I am usually cleaning up a virus that is half gone. If your professional does not understand that you have to eradicate these things completely, then you are still vulnerable. This is why I put tools in place to see what traffic is going across that network and where it is coming from. I can pinpoint issues pretty fast, but that comes from a lot of experience.

Gone are the days when you could run a little bit of Malwarebytes and just assume that everything is clean on the machine. Things are much more complicated than that. Your run-of-the-mill "IT PERSON" is getting outgunned these days. So where does a business get help?

My answer is that really good security professionals available to small businesses are few and far between. Most are sucked up immediately in the market by large companies. The smaller IT shops have so many other things going on just keeping businesses running these days.

So where is that threshold? How do you recognize when to call the authorities? I have called my friends at the FBI on several occasions when a client calls and there is an active attack going on, but the general public probably would not have such great luck with it. So here are my quick and very high-level guidelines.

If you are getting a Denial of Service attack (basically so much traffic hits your network from a virus that you can't use it), certainly call local authorities. They may, and probably will, refer you to someone like IC3 (www.ic3.gov), which is frankly where I would start. They can and will help you.

If it is some type of fraud, or you think data has been stolen, then call the FBI. You should have a local field office somewhere near you. You can find one by going to www.FBI.gov.

Don't be afraid to call anyone. I think one of the big mistakes is that businesses just deal with the problem. If it isn't reported, then the authorities cannot get a good picture of what really is going on. I personally have a portal I go to where I report any type of malicious behavior.


The more we can let the right people know how many attacks, of what type, and when, the better we can defend ourselves. It's getting tougher each day, so call someone. If it is an IT person, try to find one with a certification. If not, get anyone you can to at least try to knock it down. We have to do this together!
